<?php 

/* <!-- Before we start executing code, we need to make sure our variable is set. There is no sense in executing code that we will not use until later. --> */
if (isset($_POST['id'])) { /* <!-- If our variable is set continue --> */
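/* <!-- Establish a connection to the database --> */
/* NOTE(review): this connects as the MySQL 'root' account with an empty password. Use a dedicated account limited to the privileges this form needs, and load its credentials from configuration kept outside the web root. */
/* NOTE(review): no connection character set is selected here; the escaping done later with mysql_real_escape_string() depends on it, so confirm it is set (mysql_set_charset) to match the page's UTF-8. */
$dbconnect = mysql_connect('localhost', 'root', '');
if (!$dbconnect) {
     /* The driver's error text goes to the server log only; the browser gets a generic message. */
     error_log('permohonan_kursus: database connection failed: ' . mysql_error());
     die("Couldn't connect to the database.");
}
$dbselect = mysql_select_db('kursus_staf', $dbconnect);
if (!$dbselect) {
     error_log('permohonan_kursus: selecting the database failed: ' . mysql_error($dbconnect));
     die("Trouble selecting the database.");
}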
/* <!-- Define our User/Custom functions --> */
/* <!-- Turns a value into a single-quoted, escaped SQL string literal for the INSERT statement below. --> */
/* NOTE(review): every value in this file reaches sql_val() after clean(), which already calls mysql_real_escape_string() when a connection is up. With magic quotes off that escapes the value twice, so stored text can carry extra backslashes. Prepared statements (mysqli or PDO) would remove the need for both helpers. */
if (!function_exists('sql_val')) {
     /**
      * Quote a value for direct inclusion in SQL text.
      *
      * @param mixed $input Value to quote; it is handled as a string.
      * @return string The value escaped with mysql_real_escape_string() and wrapped in single quotes.
      */
     function sql_val( $input ) {
          // Undo the slashes PHP added itself when magic_quotes_gpc is on, so they are not escaped a second time.
          $raw = get_magic_quotes_gpc() ? stripslashes( $input ) : $input;
          return "'" . mysql_real_escape_string( $raw ) . "'";
     }
} //end function not exist
/* <!-- Basic input clean-up: optional tag stripping, length limiting, integer casting, then SQL escaping. --> */
/* NOTE(review): this is not a complete injection defence on its own. The "date" and "text" types used by callers in this file carry no "(n)" limit, so those values are only escaped, never validated. No caller in this file passes $no_tags, so tags are never stripped. */
if ( !function_exists( 'clean' ) ) {
     /**
      * Clean one submitted value.
      *
      * @param mixed  $input   Raw value, normally a string taken from $_POST.
      * @param string $type    Column type such as "int(11)" or "varchar(255)". Only types written
      *                        with a "(n)" suffix have any effect: the value is cut to n bytes and,
      *                        for "int", cast to an integer.
      * @param string $no_tags Any non-empty value strips HTML tags and trims the input first.
      * @return string The value escaped for SQL.
      */
     function clean( $input, $type="", $no_tags="" ) {
          if ($no_tags != "") {
               $input = trim(strip_tags($input));
          }

          if ($type != "" && strlen(strstr($type, "(")) > 0) {
               // "int(11)" splits into the base type "int" and the limit "11".
               $parts = explode("(", $type);
               $base = $parts[0];
               $limit = str_replace(")", "", $parts[1]);

               // substr() counts bytes, so a multi-byte character can be cut in half at the limit.
               $was_int = is_int($input);
               $input = substr($input, 0, $limit);
               if ($base == "int" && !$was_int) {
                    $input = (int)$input;
               }
          }

          // Remove the slashes PHP added itself when magic_quotes_gpc is on.
          if ( get_magic_quotes_gpc() ) {
               $input = stripslashes( $input );
          }

          // With a live connection, let the driver escape the value.
          if ( @mysql_ping() != "" ) {
               return mysql_real_escape_string( $input );
          }

          // No connection: fall back to a manual escape table.
          // NOTE(review): str_replace() applies the pairs in order, so the backslashes inserted for NUL, LF and CR are doubled again by the later backslash rule.
          $escapes = array(
               "\x00" => "\\x00",
               "\n"   => "\\n",
               "\r"   => "\\r",
               "\\"   => "\\\\",
               "'"    => "\'",
               "\""   => "\\\"",
               "\x1a" => "\\x1a",
          );
          return str_replace(array_keys($escapes), array_values($escapes), $input);
     } //end function
} //end function not exist
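/* <!-- Strips slashes and converts special HTML characters to entities, so a value can be shown on the page without breaking the form markup. --> */
if (!function_exists('reverb')) {
     /**
      * Prepare a value for output in HTML text or inside a quoted attribute.
      *
      * ENT_QUOTES encodes single quotes as well as double quotes, so the result
      * stays inert in attributes delimited by either kind of quote. The charset
      * is fixed to UTF-8 to match the page's Content-Type on every PHP version;
      * input that is not valid UTF-8 produces an empty string.
      *
      * @param mixed $value Value to display; it is handled as a string.
      * @return string The value with backslash escapes removed and HTML special characters encoded.
      */
     function reverb($value) {
          return htmlspecialchars(stripslashes($value), ENT_QUOTES, 'UTF-8');
     }
}//end function not exists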
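/* <!-- Debug helper: wraps print_r output in <pre> tags so it prints nicely on the screen. --> */
if (!function_exists('print_x')) {
     /**
      * Echo a readable dump of a value inside a <pre> element.
      *
      * The dump is HTML-encoded before it is printed, so markup inside the
      * dumped data (for example a submitted form value) is shown as text
      * instead of being interpreted by the browser.
      *
      * @param mixed $value Value to dump.
      * @return void
      */
     function print_x($value) {
          echo '<pre>';
          echo htmlspecialchars(print_r($value, true), ENT_QUOTES, 'UTF-8');
          echo '</pre>';
     }
}//end function not exists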
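/* <!-- Process our POST - turn the data submitted from the form into PHP variables --> */
/* <!-- Never trust user input - clean the variables before we do anything else!! --> */
/* NOTE(review): nothing visible in this file checks a CSRF token or the caller's identity before the insert below - confirm that is enforced elsewhere. */
/* Each form field is mapped to the column type handed to clean(). The variable names created
   below come from this fixed list only, never from the request. */
$field_types = array(
     'id' => "int(11)",
     'nama' => "varchar(255)",
     'noic' => "varchar(255)",
     'kategori_kursus' => "varchar(255)",
     'nama_kursus' => "varchar(255)",
     'tempat_kursus' => "varchar(255)",
     'anjuran' => "varchar(255)",
     'tarikh_mula' => "date",
     'tarikh_tamat' => "date",
     'bil_hari' => "int(11)",
     'tarikh_key_in' => "date",
     'disahkan' => "text",
     'kumpulan_perkhidmatan' => "varchar(255)",
);
foreach ($field_types as $field_name => $field_type) {
     $raw_value = isset($_POST[$field_name]) ? $_POST[$field_name] : null;
     /* A parameter sent as an array (name[]=...) would reach substr() and the escaping
        functions as a non-string; such input is treated like a missing field. */
     $$field_name = is_string($raw_value) ? clean($raw_value, $field_type) : "";
}
unset($field_types, $field_name, $field_type, $raw_value);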
/* <!-- Now that we have clean variables - let's prepare the insert statement so we can get them into the database. --> */
/* The statement is assembled by string concatenation, so its safety rests entirely on sql_val()
   escaping and quoting every value. NOTE(review): a prepared statement with bound parameters
   (mysqli or PDO) would remove that dependency. */
/* NOTE(review): strtotime() returns false for empty or unparseable input, and date() then formats
   that as a day at the Unix epoch, so a missing start or end date is stored as a real-looking
   date instead of being rejected. tarikh_key_in is inserted without this normalisation. */
/* NOTE(review): the `id` column is filled from the submitted form value - confirm that clients
   are meant to choose it. */
$query = 'INSERT INTO permohonan_kursus ( 
   `id`, 
   `nama`, 
   `noic`, 
   `kategori_kursus`, 
   `nama_kursus`, 
   `tempat_kursus`, 
   `anjuran`, 
   `tarikh_mula`, 
   `tarikh_tamat`, 
   `bil_hari`, 
   `tarikh_key_in`, 
   `disahkan`, 
   `kumpulan_perkhidmatan` 
) VALUES ( 
   '.sql_val($id).', 
   '.sql_val($nama).', 
   '.sql_val($noic).', 
   '.sql_val($kategori_kursus).', 
   '.sql_val($nama_kursus).', 
   '.sql_val($tempat_kursus).', 
   '.sql_val($anjuran).', 
   '.sql_val(date('Y-m-d',strtotime($tarikh_mula))).', 
   '.sql_val(date('Y-m-d',strtotime($tarikh_tamat))).', 
   '.sql_val($bil_hari).', 
   '.sql_val($tarikh_key_in).', 
   '.sql_val($disahkan).', 
   '.sql_val($kumpulan_perkhidmatan).' 
)'; 
/* <!-- The next comment lets you know if your in safe mode or not. --> */
/*<!-- NOT in safe mode!! -->*/
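/* <!-- Now we execute the insert statement --> */
$result = mysql_query($query);
if (!$result) {
     /* The SQL text and the driver's error stay on the server. Echoing them would reveal the
        table layout to the visitor and would print submitted values back into the page without
        HTML encoding. Control characters are flattened so the error text cannot forge extra
        log lines. */
     error_log('permohonan_kursus: insert failed: (' . mysql_errno() . ') ' . preg_replace('/[\x00-\x1F\x7F]+/', ' ', mysql_error()));
     die('<p class="db_error"><b>A fatal MySQL error occurred while trying to save <b>'.reverb($_POST['id']).'</b> to the database.</b></p>');
}
/* <!-- If the insert executed, let's show a success message --> */
if ($result) $db_message = '<p class="db_success">Successfully saved <b>id : '.reverb($_POST['id']).'</b> to the database!!</p>';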
//print_x($query);/* <!-- print_x helpful for debugging --> */

/*<!-- NOT in safe mode!! -->*/

}//end if isset id
/* <!-- We are done with PHP so lets shut it down. --> */
?>


<!-- Now that PHP is over with, let's get on with the HTML -->
<!-- #### Start #### Page #### Display #### -->
<!-- Standard HTML heading -->
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Permohonan Kursus Form</title>
<meta name="keywords" content="#customize#" />
<meta name="description" content="#customize#" />
<link rel="stylesheet" href="#customize#" type="text/css" />
<link rel="icon" href="#customize#" type="image/x-icon" />
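<link rel="stylesheet" href="https://code.jquery.com/ui/1.9.2/themes/base/jquery-ui.css" /> <!-- for the date picker; fetched over HTTPS so it cannot be altered in transit -->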
<!--[if gte IE 7]><link rel="stylesheet" type="text/css" href="#customize#" media="screen, projection" /><![endif]-->
<!--[if IE 6]><link rel="stylesheet" type="text/css" href="http://universal-ie6-css.googlecode.com/files/ie6.0.3.css" media="screen, projection" /><![endif]-->
<style type="text/css">
.db_success { background-color: #91CB00; border: 1px solid #91CB00; border-radius: 5px; box-shadow: 1px 1px 0 #fff inset, -1px -1px 0 #fff inset; color: #F9F9F9; display: inline-block; margin: 10px 0; padding: 10px; }
.db_success b { background-color: #F9F9F9; border: 1px solid #F9F9F9; border-radius: 5px; box-shadow: 1px 1px 0 #91CB00 inset, -1px -1px 0 #91CB00 inset; color: #91CB00; display: inline-block; margin: 2px 0; padding: 2px; }
.db_error { background-color: #C91F2C; border: 1px solid #C91F2C; border-radius: 5px; box-shadow: 1px 1px 0 #fff inset, -1px -1px 0 #fff inset; color: #F9F9F9; display: inline-block; margin: 10px 0; padding: 10px; }
.db_error b b,.db_error b { background-color: #f6f6f6; border: 1px solid #f6f6f6; border-radius: 5px; box-shadow: 1px 1px 0 #C91F2C inset, -1px -1px 0 #C91F2C inset; color: #C91F2C; display: inline-block; margin: 2px 0; padding: 2px; }
pre { background-color: #999; border: 1px solid #999; border-radius: 5px; box-shadow: 1px 1px 0 #fff inset, -1px -1px 0 #fff inset; color: #F9F9F9; display: inline-block; margin: 10px 0; padding: 10px; text-align:left;}
pre b { background-color: #F9F9F9; border: 1px solid #F9F9F9; border-radius: 5px; box-shadow: 1px 1px 0 #999 inset, -1px -1px 0 #999 inset; color: #999; display: inline-block; margin: 2px 0; padding: 2px; }
</style>

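  <!-- Third-party scripts are fetched over HTTPS so they cannot be altered in transit or blocked as mixed content. -->
  <!-- NOTE(review): pin these with integrity/crossorigin attributes (hash computed from the vetted files) or self-host them; both releases are old and should be upgraded. -->
  <script src="https://code.jquery.com/jquery-1.8.3.js"></script>
  <script src="https://code.jquery.com/ui/1.9.2/jquery-ui.js"></script>
  <link rel="stylesheet" href="/resources/demos/style.css" />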
  <script>
  $(function() {
    // Options shared by both date pickers.
    var pickerDefaults = {
      defaultDate: "+1w",
      changeMonth: true,
      numberOfMonths: 3
    };

    // Attach a date picker to `ownSelector`; when it closes, push the chosen
    // date into `boundOption` ("minDate" or "maxDate") of the picker at
    // `otherSelector`, so the start date cannot be after the end date.
    // These limits exist only in the browser; the server still has to
    // validate the submitted dates.
    function linkRange(ownSelector, otherSelector, boundOption) {
      $( ownSelector ).datepicker($.extend({}, pickerDefaults, {
        onClose: function( selectedDate ) {
          $( otherSelector ).datepicker( "option", boundOption, selectedDate );
        }
      }));
    }

    linkRange("#tarikh_mula", "#tarikh_tamat", "minDate");
    linkRange("#tarikh_tamat", "#tarikh_mula", "maxDate");
  });
  </script>
</head>
<body id="permohonan_kursus_form">
<section class="db_message">
<?php if (isset($db_message)) echo $db_message; ?>
</section>
<header>
<nav>
<!-- #customize# -->
</nav>
</header>
<section class="form_container">

<!-- And here is our form -->
<form action="" method="POST" id="permohonan_kursus" name="permohonan_kursus" >
<fieldset>
<legend> Permohonan Kursus </legend>
<table width="60%">
  <tr>
    <td width="42%">Id</td>
    <td width="58%"><input type="text" value="<?php if (isset($id)) echo reverb($id); ?>" class="" id="id" name="id" maxlength="11" min="" max="" step="" /></td>
  </tr>
  <tr>
    <td>Nama</td>
    <td><input type="text" value="<?php if (isset($nama)) echo reverb($nama); ?>" class="" id="nama" name="nama" maxlength="255" /></td>
  </tr>
  <tr>
    <td>Noic</td>
    <td><input type="text" value="<?php if (isset($noic)) echo reverb($noic); ?>" class="" id="noic" name="noic" maxlength="255" /></td>
  </tr>
  <tr>
    <td>Kategori Kursus</td>
    <td><input type="text" value="<?php if (isset($kategori_kursus)) echo reverb($kategori_kursus); ?>" class="" id="kategori_kursus" name="kategori_kursus" maxlength="255" /></td>
  </tr>
  <tr>
    <td>Nama Kursus</td>
    <td><input type="text" value="<?php if (isset($nama_kursus)) echo reverb($nama_kursus); ?>" class="" id="nama_kursus" name="nama_kursus" maxlength="255" /></td>
  </tr>
  <tr>
    <td>Tempat Kursus</td>
    <td><input type="text" value="<?php if (isset($tempat_kursus)) echo reverb($tempat_kursus); ?>" class="" id="tempat_kursus" name="tempat_kursus" maxlength="255" /></td>
  </tr>
  <tr>
    <td>Anjuran</td>
    <td><input type="text" value="<?php if (isset($anjuran)) echo reverb($anjuran); ?>" class="" id="anjuran" name="anjuran" maxlength="255" /></td>
  </tr>
  <tr>
    <td>Tarikh Mula</td>
    <td><input type="text" value="<?php if (isset($tarikh_mula)) echo reverb($tarikh_mula); ?>" class="" id="tarikh_mula" name="tarikh_mula" maxlength="" /></td>
  </tr>
  <tr>
    <td>Tarikh Tamat</td>
    <td><input type="text" value="<?php if (isset($tarikh_tamat)) echo reverb($tarikh_tamat); ?>" class="" id="tarikh_tamat" name="tarikh_tamat" maxlength="" /></td>
  </tr>
  <tr>
    <td>Bil Hari</td>
    <td><input type="text" value="<?php if (isset($bil_hari)) echo reverb($bil_hari); ?>" class="" id="bil_hari" name="bil_hari" maxlength="11" min="" max="" step="" /></td>
  </tr>
  <tr>
    <td>Tarikh Key In</td>
    <td><input type="text" value="<?php if (isset($tarikh_key_in)) echo reverb($tarikh_key_in); ?>" class="" id="tarikh_key_in" name="tarikh_key_in" maxlength="" /></td>
  </tr>
  <tr>
    <td>Disahkan</td>
    <td><textarea class="" id="disahkan" name="disahkan" rows="" cols="" ><?php if (isset($disahkan)) echo reverb($disahkan); ?>
    </textarea></td>
  </tr>
  <tr>
    <td>Kumpulan Perkhidmatan</td>
    <td><input type="text" value="<?php if (isset($kumpulan_perkhidmatan)) echo reverb($kumpulan_perkhidmatan); ?>" class="" id="kumpulan_perkhidmatan" name="kumpulan_perkhidmatan" maxlength="255" /></td>
  </tr>
  <tr>
    <td><input type="submit" value="Submit" /></td>
    <td>&nbsp;</td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
</table>
<label for="nama"><br>
</label>
</fieldset>
</form>

<!-- Wrap it up with the footer -->
</section>
<p>
  <footer class="container">
    &copy;<?php date_default_timezone_set('America/Chicago'); echo date("Y"); ?> Permohonan Kursus Form <!-- #customize# -->
  </footer>
</p>
<p>&nbsp;</p>
</body>
</html>